<?
if (!defined('SMF'))
	die('Hacking attempt...');
	
global $smcFunc, $txt, $scripturl, $user_info;
global $dbtables, $color_header, $color_line1, $color_line2;

// Verify user login, if CheckLogin() returns false return to the calling script/function
if (CheckLogin() == false)
	return;

BigTitle($txt['bnt_sendm_title']);

//-------------------------------------------------------------------------------------------------

// Pull player info into $playerinfo.
$result = $smcFunc['db_query']('', '
	SELECT *
	FROM {raw:db_ships}
	WHERE user_id = {int:user_id}
	LIMIT 1',
	array(
		'db_ships' => $dbtables['ships'],
		'user_id' => $user_info['id'],
	)
);
$playerinfo = $smcFunc['db_fetch_assoc']($result);
$smcFunc['db_free_result']($result);

$content = (isset($_POST['content'])) ? $_POST['content'] : '';

if (isset($_GET['subject']))
	$subject = $_GET['subject'];
elseif (isset($_POST['subject']))
	$subject = $_POST['subject'];
else
	$subject = '';

if (isset($_GET['to']))
	$to = $_GET['to'];
elseif (isset($_POST['to']))
	$to = $_POST['to'];
else
	$to = '';

if (empty($content))
{	
	$result = $smcFunc['db_query']('', '
		SELECT character_name
		FROM {raw:db_ships}
		WHERE xenobe = "N"
		ORDER BY character_name ASC',
		array(
			'db_ships' => $dbtables['ships']
		)
	);
	
	echo '
		<br>
		<form action="', $scripturl, '?action=blacknova;sa=mailto2" method="post">
		<table>
			<tr>
				<td>', $txt['bnt_sendm_to'], ':</td>
				<td>
					<select name="to">';
					
	while ($row = $smcFunc['db_fetch_assoc']($result))
	{
		echo '			<option ';
		if ($row['character_name'] == $to)
			echo ' selected>';
		else
			echo '>';
		
		echo $row['character_name'], '</option>';
	}
	$smcFunc['db_free_result']($result);
	
	$result = $smcFunc['db_query']('', '
		SELECT team_name
		FROM {raw:db_teams}
		ORDER BY team_name ASC',
		array(
			'db_teams' => $dbtables['teams']
		)
	);
	
	while($row = $smcFunc['db_fetch_assoc']($result))
	{
		echo '			<option>', $txt['bnt_sendm_ally'], ' ', $row['team_name'], '</option>';
	}
	$smcFunc['db_free_result']($result);
	
	echo '			</select>
				</td>
			</tr>
			<tr>
				<td>', $txt['bnt_sendm_from'], ':</td>
				<td><input disabled type="text" name="dummy" size="40" maxlength="40" value="', $playerinfo['character_name'], '"></td>
			</tr>';
	
	if (!empty($subject))
		$subject = "RE: " . $subject;
	else
		$subject = '';
	
	echo '	<tr>
				<td>', $txt['bnt_sendm_subj'], ':</td>
				<td><input type="text" name="subject" size="40" maxlength="40" value="', $subject, '"></td>
			</tr>
			<tr>
				<td>', $txt['bnt_sendm_mess'], ':</td>
				<td><textarea name="content" rows="5" cols="40"></textarea></td>
			</tr>
			<tr>
				<td></td>
				<td><input type="submit" value="', $txt['bnt_sendm_send'], '"><input type="reset" value="', $txt['bnt_reset'], '"></td>
			</tr>
		</table>
		</form><br><br>';
}
else
{
	echo $txt['bnt_sendm_sent'], '<br><br>';

	if (strpos($to, $txt['bnt_sendm_ally']) === false)
	{
		$result = $smcFunc['db_query']('', '
			SELECT *
			FROM {raw:db_ships}
			WHERE character_name = {string:to}',
			array(
				'db_ships' => $dbtables['ships'],
				'to' => $to
			)
		);
		$target_info = $smcFunc['db_fetch_assoc']($result);
		$smcFunc['db_free_result']($result);
		
		$content = htmlspecialchars($content);
		$subject = htmlspecialchars($subject);
		
		$smcFunc['db_insert']('insert',
			$dbtables['messages'],
			array(
				'sender_id' => 'int',
				'recp_id' => 'int',
				'sent' => 'string',
				'subject' => 'string',
				'message' => 'string'
			),
			array(
				$playerinfo['ship_id'],
				$target_info['ship_id'],
				Now(),
				$subject,
				$content
			),
			''
		);
	}
	else
	{
		$to = str_replace ($txt['bnt_sendm_ally'], "", $to);
		$to = trim($to);
		$to = addslashes($to);
		
		$result = $smcFunc['db_query']('', '
			SELECT id
			FROM {raw:db_teams}
			WHERE team_name = {string:to}',
			array(
				'db_teams' => $dbtables['teams'],
				'to' => $to
			)
		);
		$teamid = $smcFunc['db_fetch_assoc']($result);
		$smcFunc['db_free_result']($result);

		$result = $smcFunc['db_query']('', '
			SELECT *
			FROM {raw:db_ships}
			WHERE team = {int:id}',
			array(
				'db_ships' => $dbtables['ships'],
				'id' => $teamid['id']
			)
		);

		while ($row = $smcFunc['db_fetch_assoc']($result))
		{
			$smcFunc['db_insert']('insert',
				$dbtables['messages'],
				array(
					'sender_id' => 'int',
					'recp_id' => 'int',
					'sent' => 'string',
					'subject' => 'string',
					'message' => 'string'
				),
				array(
					$playerinfo['ship_id'],
					$row['ship_id'],
					Now(),
					$subject,
					$content
				),
				''
			);
		}
	}
}

TextMainMenu();

?>
